Symantec Endpoint Protection Manager service stops with "The Java Virtual Machine has exited with a code of -1, the service is being stopped." after using the IIS Lockdown Tool.

book

Article ID: 177879

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

After what appears to be a successful install of the Symantec Endpoint Protection Manager (SEPM), you are unable to log in using the SEPM Console.

Symptoms
You find the following HTTP error (or similar) in the log "scm-server-x.log" (where x is a number) located in the SEPM install directory under the "tomcat\logs" subdirectory.


java.lang.Exception: HTTP 404 Object Not Found, URL: http://:/secars/secars.dll?action=34

Cause

This behavior may be caused by running the IIS Lockdown Tool from Microsoft, either before, or after the SEPM is installed. The IIS Lockdown Tool makes fundamental changes to the security profile of IIS and related services. Its use without careful consideration, planning and testing, can prevent the SEPM from operating correctly, or from certain resources the SEPM utilizes from being accessible.

Resolution

If the IIS Lockdown Tool has been used, you may want to try reverting the changes made by the utility. This can be accomplished by running the IIS Lockdown Tool again and allowing it to revert the previously made changes. Once this process is complete, a restart of the IIS and SEPM services should be performed. A full system restart may or may not be required.


References
For more information on the IIS Lockdown Tool, its uses and what changes it makes, please see Microsoft's website at the following URL.


http://technet.microsoft.com/en-us/library/dd450372%28WS.10%29.aspx


Technical Information
Note: The IIS Lockdown Tool is designed only for IIS 4.0 (Windows NT 4.0), 5.0 (Windows 2000) and 5.1 (Windows XP). Its use is not supported on other versions of IIS and the results of doing so are unknown.